Tagged Questions

In computing, C (/ˈsiː/, like the letter C) is a general-purpose programming language initially developed by Dennis Ritchie at bell labs Its design provides constructs that map efficiently to typical machine instructions

Im trying to make a really decent compression method. This is sort of getting throttled though by my lack in college level mathematics and algorithms. Can someone help me with this code? Its really ...

In a current project the NaCl-library crypto_box function has been used to encode and crypto_box_open to authenticate and decode data.
However the library does not seem to support de- / encoding of ...

I need to generate many many initialization vectors and session keys in C++ code. I am wondering if arc4random is up to the task. Last I heard, there are many weaknesses in the RC4 cipher. Should I ...

I'm new to security and currently referring to Robert Seacord's Secure Coding in C and C++. In chapter 2 of the same, the author talks about arc injection, wherein he passes the flow of control in the ...

I was reading a paper and saw this piece of code has an information leakage vulnerability. It was saying the following code will Leak memory layout information to the attackers
Could somebody please ...

I am learning about stack buffer overflow. A little info about my target: A x86 little endian intel-based computer, with a target compiled with TCC Compiler with no protections of any kind running on ...

After reading this article ("Everything is broken" by Quinn Norton) I was about to ask a question similar to this one (Why are security-crucial software written in unsafe languages?)... but actually I ...

I am developing a script to perform an a buffer overflow for an assignment in school. However, I am stuck at a point where my payload works injected through the commandline, but not injected through ...

I'm doing a school project where we are building a simple web server in C. To implement this I read the first line of the request (all I need for my purposes) and parse the middle string as the file ...

According to an article I just read, the functions printf and strcpy are considered security vulnerabilities due to Buffer overflows. I understand how strcpy is vulnerable, but could someone possibly ...

I need to detect https packets in network traffic . Until now I were marking all "443" as https but I don't want to use port information for these any more .
Will it be enough to check client hello ...

I am learning about return to system call attacks for a security class. I understand that in this kind of attack, attackers replace the standard return value for a stack frame with the address of a ...

When searching for the source for Stuxnet, its relatively easy to come by in one form or another. Although I'm actually curious if anyone has done any work to comment the source and perhaps clean up ...

I was cleaning up some code today on the advice of someone I know, and was made aware of the potential for a hacker to gain control over the flow of the process using format strings, particularly the ...

I'm writing a daemon that monitors something in the OS and flips execution permissions on a file in /run/ back and forth. The file has static contents and the file name is hardcoded in the daemon. I ...